package cn.tworice.cryption.util;

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/**
 * 混合加密 RSA+AES
 * 1、使用对称加密对数据进行加密
 * 2、使用【非对称加密中的公钥】 对 【对称密钥】进行加密
 * 3、使用【私钥】对公钥加密过的对称密钥进行解密
 * 4、将解密后的密钥对数据进行解密
 */
public class HybridEncryptionUtil {
    public static void main(String[] args) throws Exception {
        // 生成RSA密钥对
        KeyPair keyPair = generateRSAKeyPair(2048);

        // 要加密的数据
        String data = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6InJvb3QiLCJleHAiOjE2ODkwNDU2ODExMTgsIm1hYyI6IjI4OkQwOkVBOjY5Ojc4OjBBIn0.gURnz0n5u398-3gQWwvWVygvWUlDEypRHOKJnS8r4HE";
        // 1、使用对称加密算法生成密钥
        SecretKey secretKey = generateSymmetricKey();
        System.out.println("对称加密密钥:"+ Base64.getEncoder().encodeToString(secretKey.getEncoded()));
        // 2、使用RSA公钥加密对称密钥
        byte[] encryptedKey = encryptKey(secretKey, keyPair.getPublic());
        System.out.println("加密后的 对称加密密钥:"+ Base64.getEncoder().encodeToString(encryptedKey));
        System.out.println("对称加密中的公钥:"+ Base64.getEncoder().encodeToString(keyPair.getPublic().getEncoded()));
        // 3、使用对称密钥加密数据
        byte[] encryptedData = encryptData(data.getBytes(), secretKey);
        // 4、解密对称密钥
        SecretKey decryptedKey = decryptKey(encryptedKey, keyPair.getPrivate());
        System.out.println("非对称加密中的私钥:"+ Base64.getEncoder().encodeToString(keyPair.getPrivate().getEncoded()));
        // 解密数据
        byte[] decryptedData = decryptData(encryptedData, decryptedKey);

        // 输出解密后的数据
        System.out.println(new String(decryptedData));
    }

    /**
     * 生成密钥对
     * @param keyLength 密钥长度
     * @return 密钥对
     */
    public static KeyPair generateRSAKeyPair(int keyLength) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(keyLength);
        return keyPairGenerator.generateKeyPair();
    }

    /**
     * 使用AES加密算法生成对称密钥
     * @return 密钥
     */
    public static SecretKey generateSymmetricKey() throws Exception {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(128); // 使用256位密钥长度
        return keyGenerator.generateKey();
    }

    /**
     * 使用RSA公钥加密对称密钥
     * @param secretKey 对称密钥
     * @param publicKey RSA公钥
     * @return 加密后的密钥
     */
    public static byte[] encryptKey(SecretKey secretKey, PublicKey publicKey) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        return cipher.doFinal(secretKey.getEncoded());
    }

    /**
     * 解密对称密钥
     * @param encryptedKey AES加密后的密钥
     * @param privateKey RSA私钥
     * @return 解密后的AES密钥
     */
    public static SecretKey decryptKey(byte[] encryptedKey, PrivateKey privateKey) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        byte[] decryptedKeyBytes = cipher.doFinal(encryptedKey);
        return new SecretKeySpec(decryptedKeyBytes, "AES");
    }

    /**
     * 使用对称密钥加密数据
     * @param data 数据
     * @param secretKey 对称密钥
     * @return 密文
     */
    public static byte[] encryptData(byte[] data, SecretKey secretKey) throws Exception {
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
        return cipher.doFinal(data);
    }

    /**
     * 使用对称密钥对数据进行解密
     * @param encryptedData 密文
     * @param secretKey 对称密钥
     * @return 明文
     */
    public static byte[] decryptData(byte[] encryptedData, SecretKey secretKey) throws Exception {
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.DECRYPT_MODE, secretKey);
        return cipher.doFinal(encryptedData);
    }

}
